This page is not fully translated, yet. Please help completing the translation.
(remove this paragraph once the translation is finished)
Mikrotik RouterBoard — общие процедуры для всех моделей
В этой стаье описаны процедуры, общие для всех моделей маршрутизаторов MikroTik. когда будете добалвять информацию, специфичную для конкретных моделей, пожалуйста избегайте дублирования с другими инструкциями.
Описание установки OpenWrt
Кратко:
- Сохраняем лицензионный ключ RouterOS и, опционально, оригинальную прошивку.
- Скачиваем нужные образы OpenWrt
- Загружаем маршрутизатор по сети для тестирования, OpenWrt ещё не установлена, но работает с образа в оперативной памяти. Проверяем работоспособность, если не нравится – ищем другую версию OpenWrt.
- Когда всё понравилось, записываем OpenWrt во флеш-память маршрутизатора и перезагружаем его.
- Настраиваем OpenWrt.
Подробнее
Все маршрутизаторы RouterBoard могут загружать OpenWrt по сети, обычно это образ initramfs .elf, иногда .bin, загружаемый по TFTP. Работающий в оперативной памяти initramfs используется для проверки работоспособности конкретной версии OpenWrt без прошивки образа в флеш-память маршрутизатора.
Удостоверившись в работоспособности образа OpenWrt, используйте веб-интерфейс LuCI или интерфейс командной строки UCI через SSH, чтобы записать соответствующий sysupgrade-образ .bin во флеш-память маршрутизатора. Это не отличается от обычного обновления OpenWrt.
В более ранних версиях OpenWrt требовалось повторная прошивка при последующих обновлениях OpenWrt. В актуальной версии OpenWrt, которая использует UBI-образ (Unsorted Block images), прошивка и обновления проводятся прямо из веб-интерфейса LuCI.
После установки OpenWrt, в зависимости от модели, может понадобиться настройка на платформу. Описание такой настройки смотрите в вики-статье про конкретную модель.
Первоочередное: не потеряйте вашу лицензию RouterOS
До начала манипуляций с маршрутизатором сохраните лицензию RouterOS (это текстовый файл .key). Лицензия позволит в дальнейшем вернуть прошивку RouterOS в маршрутизатор и работать с ней.
Чтобы сохранить файл с лицензией, понадобится win32-программа WinBox, веб-интерфейс WebFig не предоставляет такую возможность. Либо используйте другой способ, описанный в конце статьи.
В Winbox (адрес маршрутизатора по умолчанию 192.168.88.1, логин admin без пароля):
System ⇒ License ⇒ Export Key
Сохраните файл в надёжном месте. Не повредит также сохранить образ RouterOS, инструкция тоже в конце статьи.
Выбор версии OpenWrt
Первая версия, которая поддерживает вашу модель маршрутизатора, указана в Таблице оборудования OpenWrt
Если в колонке Версия Таблицы оборудования OpenWrt указано 'trunk', в статье о конкретной модели описано, содержит ли 'trunk' необходимые для работы OpenWrt патчи или нужно самостоятельно собрать OpenWrt с патчами. Процесс сборки с патчами описан в этой статье ниже. Если документация устарела, новая версия OpenWrt может быть уже работает с вашей моделью маршрутизатора.
Если ваша модель маршрутизатора не поддерживается в последнем релизе, рассмотрите возможность собрать и установить в маршрутизатор собственный вариант прошивки с патчами, процедура описана в этой статье дальше.
Подробно выбор версии описан в Скачиваем образ OpenWrt
Загружаем OpenWrt по сети с целью тестирования
Since an initramfs image is just a temporary image (only loaded into RAM), it is safe to test a particular version of OpenWrt by netbooting (using DHCP/BOOTP/TFTP) and downloading the initramfs image.
When you power down your RouterBoard after loading an initramfs file, OpenWrt will simply vanish: a power down and reboot of the RouterBoard will revert to the prior version of firmware that is still in flash of the RouterBoard.
If the RAM-based initramfs version you have selected works for you, feel free to try other versions of OpenWrt, such as Latest release or snapshot.
Once you are happy with the RAM-based operation of OpenWrt, proceed to the step of flashing OpenWrt in order to permanently write OpenWrt into your RouterBoard.
Скачиваем образ OpenWrt
Images for the latest OpenWrt image can be downloaded from https://downloads.openwrt.org/
Most OpenWrt supported Routerboards are Atheros-based hardware: in that case, after selecting a release, go to the targets/ar71xx/mikrotik folder to see a list of all files available for that release.
For example, to download the 18.06.1 OpenWrt images for the (Atheros-based) RB450G, download from https://downloads.openwrt.org/releases/18.06.1/targets/ar71xx/mikrotik/
After the commit of Introduce sysupgrade + 64MB/Large NAND sysupgrade images, there is no longer a tar.gz image, but instead there are multiple sysupgrade .bin images, only one of which will be used for any particular RouterBoard model.
This wiki has been updated to reflect this simplifying change used in OpenWrt Version 18 for the Mikrotik RouterBoards.
Please refer to older versions of this wiki for instructions on using older releases of OpenWrt such as Chaos Calmer, Barrier Breaker, Attitude Adjustment, etc.
There will be just two images needed to install OpenWrt for any particular Mikrotik RouterBoard hardware platform:
- The specific initramfs image to be downloaded into RAM during an initial netboot of the RouterBoard.
- The specific sysupgrade .bin image to be flashed into the Mikrotik router using the LuCI web interface. The correct sysupgrade .bin file must be selected for the:
- Type of WiFi (AC vs. non-AC) installed on the RouterBoard. The 802.11 a/b/g/n WiFi products are 'non-AC': only the 802.11 AC WiFi products are type 'AC'.
- Size and type (NAND vs. NOR) of flash on the RouterBoard
To determine the precise file names needed for your specific RouterBoard model, please refer to:
The following table explains the general convention of initramfs and sysupgrade file names, but does have exceptions. For example, for the nand-large images, it is quite model-specific whether you use the initramfs.elf or initramfs-lzma.elf image.
The above link Table of Hardware - Firmware Downloads, or the wiki for your specific RouterBoard, are the most accurate resources for the correct file names.
Flash Size | sysupgrade .bin File Naming Convention | File Names to Download from OpenWrt.org (Please Verify At This Link) | RouterBoard Type | |||
---|---|---|---|---|---|---|
Image Name Prefix⇒ | AC Wifi?⇒ | Image Name Suffix⇒ | sysupgrade .bin File Name | initramfs File Name | ||
16 MB NOR | rb-nor-flash-16M | -ac- | squashfs-sysupgrade.bin | rb-nor-flash-16M-ac-squashfs-sysupgrade.bin | rb-nor-flash-16M-ac-initramfs-kernel.bin | RouterBoard with 16 MB NOR (includes AC WiFi) |
- | rb-nor-flash-16M-squashfs-sysupgrade.bin | rb-nor-flash-16M-initramfs-kernel.bin | RouterBoard with 16 MB NOR (includes a/b/g/n WiFi) | |||
64 MB NAND | nand-64m | - | nand-64m-squashfs-sysupgrade.bin | vmlinux-initramfs.elf | RouterBoard with 64 MB NAND (includes a/b/g/n WiFi) | |
128 MB NAND (or larger) | nand-large | -ac- | nand-large-ac-squashfs-sysupgrade.bin | vmlinux-initramfs.elf | RouterBoard with 128 MB NAND (or larger) (includes AC WiFi) | |
- | nand-large-squashfs-sysupgrade.bin | vmlinux-initramfs.elf or vmlinux-initramfs-lzma.elf (model-dependent) | RouterBoard with 128 MB NAND (or larger) (includes a/b/g/n WiFi) |
Refer to the OpenWrt Table Of Hardware-Ideal to determine the type and size of flash for your particular RouterBoard. The type of WiFi may depend on optional WiFi cards you may have installed in your RouterBoard.
If you add packages to your installed version of OpenWrt (via opkg or LuCI), be careful to use the packages that are compiled specifically for the version of sysupgrade .bin you have running on your RouterBoard. For example, if you decide to run nightly snapshots, be aware you'll want to also install and run the packages from that specific snapshot - each time you update the snapshot, you'll want to update both the sysupgrade .bin AND the packages you are using.
If you are using a snapshot (e.g. for the RB750Gr3), there is no LuCI contained. The flashing can still be done using SSH as outlined in https://openwrt.org/docs/guide-user/installation/sysupgrade.cli .
Процесс установки OpenWrt в маршрутизатор RouterBoard по шагам
Краткая инструкция: простой вариант для всех моделей RouterBoard
- Предварительная подготовка. Фо-верых, сохраните лицензию на RouterOS в файл. Во-вторых, подготовке и запустите службы DHCP и TFTP, чтобы маршрутизатор загрузил OpenWrt с образа вида openwrt-*mikrotik*-initramfs-kernel.bin.
- Откройте веб-интерфейс по адресу http://192.168.88.1
- Перейдите в раздел “System”-“Routerboard”.
Выберите “Boot ethernet-if fail-nand”.
Включите (отметьте чекбокс) “Force Backup Booter”.
Кликните “Apply”. - Перейдите в раздел “System”-“Shutdown”
Кликните “Shutdown”
Дождитесь момента, когджа погаснут светодиоды на корпусе маршрутизатора. - Отключите кабель питания от маршрутизатора, подключите кабель локальной сети от сервера DHCP и TFTP в порт маршрутизатора “WAN”, подключите питание обратно.
Подождите момента, когда маршрутизатор пропищит. - Подключите кабель локальной сети от вашего компьютера, на котором настроено автоматическое получение адреса от сервера DHCP, к порту маршрутизатора, обозначенному “2”, “3” или “4”.
- Соединитесь по SSH к root@192.168.1.1
Вы должны увидеть заставку OpenWrt. Проверьте, как работает OpenWrt.
Если вы не уидели работающей OpenWrt, это означает, что OpenWrt не загрузилась в маршрутизатор. Пожалуйста проверьте, как отработали DHCP и TFTP — если с ними всё в порядке, ваш маршрутизатор не прошёл тест работы с OpenWrt. - Если OpenWrt работает как надо, скопируйте в RAM-диск (каталог /tmp/) маршрутизатора образ для sysupgrade:
scp openwrt-*mikrotik*-squashfs-sysupgrade.bin root@192.168.1.1:/tmp/
- Затем прошейте OpenWrt в маршрутизатор — в сеансе SSH выполните команду:
sysupgrade -n /tmp/openwrt-*-mikrotik*-squashfs-sysupgrade.bin
Сеанс SSH саомстоятельно закроется, и после завершения записи во флешпамять маршрутизатор перезагрузится.
Дождитесь, когда маршрутизатор пропищит. - Снова соединитесь по SSH root@192.168.1.1 (возможно, понадобится удалить строку с “192.168.1.1” из файла “known_hosts”, в линуксе это
~/.ssh/known_hosts
)
Вы должны увидеть заставку OpenWrt — поздравляем, вы установили OpenWrt в Mikrotik Routerboard.
Подробная инструкция
Installing and upgrading OpenWrt on a RouterBoard is basically just a couple steps:
- You first netboot an initramfs image of OpenWrt from your DHCP/BOOTP/TFTP server into the RAM of the RouterBoard. This is done from the ether1 port (typically the WAN port) of the RouterBoard.
- From that RAM-based running OpenWrt you use the web-based LuCI interface to permanently flash the appropriate sysupgrade .bin file (see above) using LuCI 'Flash image'. This is done from a LAN port (typically ether2 or higher) at IP address 192.168.1.1 of the RouterBoard.
Note the wget2nand utility has been deprecated in this latest release of OpenWrt since the UBI changes to the code now allow direct flashing of the NAND or NOR from the LuCI web interface.
The detailed 12 step process below is updated to reflect the new 'UBI' style firmware images of version 18 OpenWrt that now make it very easy to flash the RouterBoard directly from the LuCI web interface. Many of the board-specific wiki's here in OpenWrt have yet to be updated to reflect this new, simpler process. Use this description of the Step-By-Step Installation Process to get an idea how relatively simple it is to install and upgrade OpenWrt - and feel free to give it a try since the initramfs version of OpenWrt is just a RAM image that will not affect your RouterOS if you decide NOT to flash the permanent sysupgrade.bin file into your RouterBoard. If you do flash OpenWrt into your RouterBoard, you can revert back to RouterOS at a later time using Mikrotik's NetInstall utility - as long as you saved your RouterOS license file (export your .key license file) before you permanently install (flash) OpenWrt.
To install OpenWrt (works on all OpenWrt supported RouterBoards, using V18 or later OpenWrt):
- Download Both OpenWrt files
Download the two OpenWrt files to your PC: the initramfs file (initramfs.elf, initramfs-lzma.elf or initramfs-kernel.bin, depending on model) and the sysupgrade.bin file for your particular RouterBoard. See the Table of Hardware - Firmware downloads to determine which initramfs and sysupgrade.bin file to use. - Download a DHCP/BOOTP/TFTP Server
Download a DHCP/BOOTP/TFTP server to your Windows PC. If you use Tiny PXE, set rfc951=1 in the [dhcp] section of its config.ini file. Tiny PXE is BOOTP compatible so it will allow you to easily netboot the RouterBoard using the default settings of the RouterBoard.- If you are instead wanting to re-install RouterOS (rather than install OpenWrt), download a copy of NetInstall from the Mikrotik website.
- Download PuTTY and Connect Serial COM Port (Optional)
The serial COM port will allow you to see/change activity on the RouterBoard console. Download a copy of PuTTY to your Windows PC so you can open a terminal window on the serial COM port of the RouterBoard. Use a USB to serial adapter such as a Tripp Lite Keyspan USA-19HS (this RS-232 adapter has Windows drivers for Windows 2000 up to current Windows) and a null modem adapter to connect to the RouterBoard serial port (if it has one). Baud 115200, no parity, 8 bits, 1 stop bit, no flow control. - Run Mikrotik WinBox to Export RouterOS License File (Optional: So you can re-install Mikrotik RouterOS at a later date, if needed)
With existing RouterOS running on your RouterBoard, connect your PC to a LAN port on the RouterBoard (DHCP enabled). Use a web browser to get to the RouterOS login page (default at 192.168.88.1) and download Mikrotik WinBox from your RouterBoard onto your Windows PC. Do NOT try to use the WebFig browser interface to export your license file: it does not have the license export feature. You must use the WinBox Windows application. Execute (double click) the downloaded WinBox to run it from your PC. Use WinBox to export (save) your license .key file to your PC. This will allow you to restore/re-install RouterOS at a later time using Mikrotik's NetInstall.
If you cannot connect to the RouterBoard RouterOS on a LAN port, try resetting the RouterBoard to its default settings: that will ensure you can connect using the ether1 port. Reset the RouterBoard to its default settings by unplugging power, press the Reset button, then plug power back in and continue holding the Reset button for 5 seconds. Now set your PC to a static IP address of 192.168.88.10. Move your Ethernet cable to the ether1 (usually WAN) port on the RouterBoard and get WinBox at 192.168.88.1
If you have an old version of RouterOs/WinBox and a newer version of Windows (such as Windows 10), your WinBox may not be compatible with Windows 10. If so, upgrade your RouterOS so you get a new version of RouterOs/WinBox that is Windows 10 compatible. The latest WinBox is Windows 10 compatible, but the WinBox version must also be compatible with the RouterOS version - so that's why you should consider installing a new RouterOS .npk file (which includes WinBox) if WinBox is not working for you. - Change PC to Static IP 192.168.1.10
Now reconfigure your PC Ethernet to a static IP at 192.168.1.10 (this address is handy so you don't have to change your IP address in subsequent steps here). - Connect to RouterBoard ETH1
Connect your Ethernet cable to ethernet1 port of the RouterBoard, typically the WAN port. Make sure you are running your Ethernet standalone now, with no connections to your existing LAN. When you next run Tiny PXE, you could then have two simultaneous DHCP servers on a LAN which makes for unpredictable results. - Run DHCP/BOOTP/TFTP Server
Start up Tiny PXE, select the initiramfs file you previously downloaded as the Boot filename, and select the 192.168.1.10 connection for Option 54 (this will not appear if the RouterBoard is turned off). Put Tiny PXE Online. You may need to to turn off your firewall and run as administrator.- If you are instead wanting to re-install RouterOS, run Mikrotik's NetInstall here. Be sure to use the same version netinstall and MIPSBE .npk file for your RouterBoard. This is where you will import the .key license file you previously exported (if your license is no longer recognized by NetInstall).
You may need to disable all other devices in Windows Network Connections to make sure the only Ethernet/WiFi/Bluetooth adapter you have running is the one connected to ethernet1 of your RouterBoard. NetInstall sometimes gets confused about which Ethernet adapter to use unless all others are disabled.
- Force RouterBoard to Netboot
Unplug the RouterBoard power jack, depress it's reset button, and plug the RouterBoard power back in while continuing to hold the reset button. After 10-20 seconds, you will see Tiny PXE download the initramfs file to the RouterBoard (will say DoReadFile in its log window). You can quit depressing the Reset button once you see the DoReadFile occur in Tiny PXE. If you are connected to the serial COM port, you will be able to watch the OpenWrt boot process as it progresses. - You Are Almost There: OpenWrt is Now Running From RAM
Now you have OpenWrt running in RAM on your RouterBoard. You can try it out by running the next two steps, then poke around and decide if you like it. Since it is only in RAM, if you reboot the RouterBoard without performing the flash (the final step here), this initramfs RAM-based version of OpenWrt will vanish. - Connect to RouterBoard ETH2
Unplug your Ethernet cable from ethernet1 and plug in to a LAN port on your RouterBoard such as ethernet2. Some RouterBoards do not enable all LAN ports, so you may need to experiment here. - Login to OpenWrt LuCI Web Interface
Use a web browser to open the OpenWrt LuCI web interface at 192.168.1.1. Login is admin, no password. It may take a minute or more for OpenWrt to fully boot, so be prepared to possibly wait until the lights on the LAN port indicate activity. - Flash sysupgrade.bin Into RouterBoard
Go to System→Backup/Flash Firmware in LuCI. Select 'Choose file' under 'Flash new firmware image'. Select the sysupgrade.bin file you previously downloaded to your PC. Press 'Flash image' to permanently install OpenWrt on your RouterBoard.
The flash process may take a minute or more to complete, then your RouterBoard will automatically reboot.
Congratulations! You now have OpenWrt running and flashed into your RouterBoard. Subsequent upgrades of OpenWrt are as simple as running this step alone (a noted improvement from previous versions of OpenWrt).
Once you have OpenWrt running, you'll probably want to reset your PC's Ethernet back to DHCP instead of the 'forced' static IP addresses you used during the install of OpenWrt.
Netboot of OpenWrt Uses DHCP/BOOTP/TFTP
Routerboards contain the Mikrotik RouterBoot netboot bootloader that will boot over the network and run an OpenWrt initramfs file. The initramfs file is a single file with the whole OpenWrt package: kernel plus filesystem. A RouterBoard has at least three flash partitions: bootloader, kernel and ubi. The MikroTik bootloader is preserved even after OpenWrt is installed into NAND or NOR flash.
Mikrotik RouterBoot Boot Protocol: either BOOTP or DHCP
The RouterBoard RouterBoot supports two different boot protocols when netbooting a RouterBoard:
- BOOTP Boot Protocol
- Is the default boot protocol of RouterBoards. When using bootp, there is no need to reconfigure the RouterBoards using serial port: you can just force netboot directly using the RouterBoard Reset button.
- Not as commonly supported by DHCP/BOOTP/TFTP servers. You need to select a DHCP/BOOTP/TFTP server that supports rfc951 BOOTP to install OpenWrt using bootp.
- DHCP Boot Protocol
- Not the default boot protocol of RouterBoards
- Most DHCP/BOOTP/TFTP servers support this protocol
Select a DHCP/BOOTP/TFTP netboot Server
Select any of the following choices to set up a RouterBoard compatible netboot DHCP/BOOTP/TFTP server, then proceed to the next step.
If using Choice 2 or 3, you will need a local copy of the 'openwrt-ar71xx-mikrotik-vmlinux-initramfs.elf' on your Linux system. For example, to create that file in Linux using the 18.06.1 release (latest as of 11/2018) for an RB450G:
wget -c https://downloads.openwrt.org/releases/18.06.1/targets/ar71xx/mikrotik/openwrt-18.06.1-ar71xx-mikrotik-vmlinux-initramfs-lzma.elf ln -s openwrt-18.06.1-ar71xx-mikrotik-vmlinux-initramfs-lzma.elf openwrt-ar71xx-mikrotik-vmlinux-initramfs.elf
Choice 1 assumes you are running from a Windows PC and have already downloaded the initramfs file from the OpenWrt downloads website to your Windows PC.
Choice 2 and 3 assume you are running from Linux. The Linux choices expect the initramfs file to use the above specific name 'openwrt-ar71xx-mikrotik-vmlinux-initramfs.elf'. This is why the above explanation creates a symbolic link to associate the longer release-specific name to the shorter 'generic' name.
Netboot Server Choice 1 - Tiny PXE
The freeware Tiny PXE software is a (free) example of a DHCP/BOOTP/TFTP server that implements the rfc951 BOOTP capability. To enable Tiny PXE's rfc951 BOOTP capabilities, rfc951=1 must be set in the [dhcp] section of the Tiny PXE config.ini file.
Select the initramfs file as the Boot file Filename, un-check the gPXE or iPXE Filename option, select the Option 54 IP address for the ethernet cable you have connected to the RouterBoard, and put Tiny PXE Online.
if you have problems running Tiny PXE, you may need to turn off your firewall, run Tiny PXE as administrator, or disable all other ethernet/bluetooth/wifi in Network Connections.
It is especially important to ensure only one DHCP/BOOTP/TFTP server is running on your network while attempting a netboot since BOOTP has no support for Proxy DHCP or authoritative DHCP - so be sure to disconnect from any other routers before running Tiny PXE.
Netboot Server Choice 2 - Generic DHCP/BOOTP/TFTP server
Copy openwrt-ar71xx-mikrotik-vmlinux-initramfs.elf to your TFTP server location. Set up your DHCP server to point to your TFTP server as the next-server and to that file as the bootfile.
Netbook Server Choice 3 - dnsmasq
To use dnsmasq:
- Copy openwrt-ar71xx-mikrotik-vmlinux-initramfs.elf to /home/<user>/mikrotik/trunk/bin/ar71xx/ (replace <user> with your user name).
- Create the following script using a Linux editor such as vi: vi /home/user/mikrotik/trunk/bin/ar71xx/loader.sh
#/bin/bash ifconfig eth0 192.168.1.10 up dnsmasq -i eth0 --dhcp-range=192.168.1.100,192.168.1.200 \ --dhcp-boot=openwrt-ar71xx-mikrotik-vmlinux-initramfs.elf \ --enable-tftp --tftp-root=/home/user/mikrotik/trunk/bin/ar71xx/ -d -u test -p0 -K --log-dhcp --bootp-dynamic
Change the user name “test” in the above script (use your user name). Give execution privileges by “chmod a+x loader.sh”. Run script loader.sh
Methods to set RouterBoard so it will TFTP netboot
Connect the ethernet 1 port of your routerboard (typically the WAN port) to a network configured to reach the DHCP/BOOTP/TFTP server that you have set up.
The RouterBoard default boot protocol is BOOTP. You can change the RouterBoot boot protocol from BOOTP to DHCP by using the COM port, RouterOS, or rbcfg from OpenWrt as documented in this list of netboot methods.
The instructions in this wiki tend to assume you have changed the netboot protocol to DHCP since DHCP netboot is readily supported by dnsmasq (the most common DHCP/BOOTP/TFTP server in Linux distributions).
However, if you have chosen to use a DHCP/BOOTP/TFTP netboot server that supports rfc951 BOOTP (such as Tiny PXE, with rfc951=1 set in the [dhcp] section of the config.ini), any of these netboot methods will work fine without any changes to the Routerboot boot protocol.
When a boot protocol is set in RouterBoot, it is remembered: any of the methods here that force a netboot will then use the BOOTP or DHCP boot protocol previously selected in RouterBoot.
Method 1 - Use the RouterBoard Reset button to enable TFTP netboot
This method will work on all RouterBoards, including RouterBoards without a serial port. It is certainly the simplest approach to perform a netboot if using an rfc951 BOOTP-capable DHCP/BOOTP/TFTP server.
Most RouterBoard models generate a short beep when an image begins to netboot or load from flash (unless the RouterBoard has been put in 'silent mode' from the RouterBoot menu). So if you are running without a connection to the serial console COM port to view boot activity from a terminal window, you can use the beep to know when RouterBoot has successfully started to load an image (either a netboot image or the existing flash image).
If you are using Tiny PXE as your netboot PXE DHCP/BOOTP/TFTP server, you can watch its information/log window to see exactly when Tiny PXE begins uploading the initramfs file to the RouterBoard (TFTPd:DoReadFile shows up in the information/log window): this will be the same time the RouterBoard beeps.
To enable a netboot using the Reset button:
- Unplug the RouterBoard power jack
- Hold the reset button (on some models this is just a hole with a hidden pushbutton switch).
- Plug the power jack back in
- Observe activity LED(s). The LED behavior varies across models, but can be a good indicator about the boot process. See the Mikrotik wiki https://wiki.mikrotik.com/wiki/Manual:RouterBOOT for details.
- Release the reset button after you hear the beep (maximum 15 - 20 seconds).
Method 2 - Use the RouterBoard serial COM port to enable TFTP netboot
If your RouterBoard model has a serial COM port, you can connect to it as a console terminal to netboot the routerboard via TFTP.
If your RouterBoard does NOT have a serial COM port, it may still have a COM port on the motherboard: if you try soldering a cable, the RouterBoot bootloader may or may not support that serial port.
If you cannot use your serial COM port for any reason, a simple alternative is to use a DHCP/BOOTP/TFTP server that supports rfc951 BOOTP (rather than DHCP) netboot and use the Reset button to force a netboot (see Method 1 above).
To enable a netboot using the serial COM port:
- Connect the COM port to a system (terminal server, PC). Set baud to 115200, 8 bits, no parity, 1 stop bit, no flow control.
- Open a terminal window (can use software such as PuTTY on Windows to open a terminal window connected to the COM port). If RouterOS or OpenWrt are running you should have an interactive shell.
- Reboot the RouterBoard (unplug power, wait a couple seconds, plug back in).
- Observe “Press any key within 2 seconds to enter setup”. Press a key in the terminal window.
- Then use the Routerboot menu to make the RouterBoard boot from the network once: press 'o', then '1' (the one key meaning one boot).
- Also change the RouterBoot boot protocol to DHCP: press 'p' then '2'. If your selected DHCP/BOOTP/TFTP server supports rfc951 BOOTP, you can leave the boot protocol set to its default 'bootp'.
- Exit from the RouterBoot setup menu to begin the netboot: press 'x'.
More information at: http://wiki.mikrotik.com/wiki/Manual:Netinstall#OPTIONAL:_Configuring_RouterBOARD_with_COM_port
Method 3 - Use a running RouterOS to enable TFTP netboot
If you have not yet installed OpenWrt onto Flash, you should reboot the routerboard via TFTP from the RouterOS web configuration interface.
Connect a PC to a LAN port (port 2...). Log into the web interface of RouterOS and set router to boot from ethernet once with DHCP:
- System → Routerboard → Settings → Boot device: Try ethernet once then NAND
- System → Routerboard → Settings → Boot protocol: DHCP
- System → Routerboard → Settings → Force Backup Booter: Checked (if supported by your routerboard - !IMPORTANT)
Save
Reboot routerboard (on some devices “System -→ Reboot” does not perform a correct TFTP boot; you must use instead “System -→ Shutdown” and unplug/replug the router). This will boot OpenWrt from TFTP once. The boot protocol setting will stay persistent across reboots, but the next reboot will be again from NAND (the bootloader resets this parameter after booting from TFTP once). Once you have installed OpenWrt, RouterOS will have been deleted, so you will need to use one of the following other methods listed here to netboot from TFTP.
Method 4 - Using a running OpenWrt to enable TFTP netboot
The OpenWrt rbcfg utility permits to configure parameters of the routerboard bootloader. Note that this program may not work on all routerboards.
opkg update opkg install rbcfg rbcfg set boot_device ethnand rbcfg set boot_protocol dhcp rbcfg apply
Reboot.
Flash OpenWrt
After the DHCP/BOOTP/TFTP netboot of the initramfs image, connect your PC to one of the LAN ports of your RouterBoard.
You cannot connect to the RouterBoard via WiFi with the TFTP netbooted image of OpenWrt because the initramfs version of OpenWrt has WiFi disabled.
After the RAM-based intiramfs version of OpenWrt has netbooted, you should be able to ping your RouterBoard LAN ports at IP address 192.168.1.1
If you have trouble accessing 192.168.1.1 on your RouterBoard LAN port when it is running OpenWrt, try any of the following:
- If you are running DHCP on your PC that is connected to the RouterBoard LAN Port, try either:
- Disconnect/reconnect your PC if it did not get an IP address from the RouterBoard
- Open a command Window on your PC. On Windows, perform an ipconfig /release followed by an ipconfig /renew: this will force your PC to re-run DHCP. If on Linux, use ifconfig instead of ipconfig.
- If you have a static IP address set on your PC that is connected to the RouterBoard LAN port:
- Set a static IP address on your PC somewhere from 192.168.1.2 through 192.168.1.254.
- On Some RouterBoard models, OpenWrt does not enable all LAN ports by default. You may need to try various ports to determine the default operating LAN port(s): start from the lowest LAN port, usually ether2 (the first port after the WAN port). Refer to the individual wiki page of your RouterBoard model for more information.
After successfully using a web browser to connect to the OpenWrt LuCI web interface at 192.168.1.1:
- Go to System→Backup/Flash Firmware
- Click on 'Choose File' under 'Flash new firmware image'. Select the sysupgrade .bin file you previously downloaded for your RouterBoard
- Click on 'Flash image'. This will flash the sysupgrade .bin file into your RouterBoard and reboot it
Congratulations: you have now successfully flashed OpenWrt into your RouterBoard!
Manually Flashing OpenWrt
These instructions are deprecated since wget2nand is no longer used, but left here for reference. Note “rootfs” has become “ubi” in the current OpenWrt release.
If wget2nand encounters problems, perform its steps manually from shell.
cat /proc/mtd dev: size erasesize name mtd0: 00040000 00020000 "booter" mtd1: 003c0000 00020000 "kernel" mtd2: 07c00000 00020000 "rootfs"
The following instructions assume that as shown above, kernel is /dev/mtd1 and rootfs /dev/mtd2. If these numbers are different on your model, appropriately change the following commands.
mtd erase /dev/mtd1 mtd erase /dev/mtd2 mkdir /mnt/kernel mkdir /mnt/rootfs mount /dev/mtdblock1 /mnt/kernel mount /dev/mtdblock2 /mnt/rootfs
Copy kernel & rootfs to routerboard:
scp bin/ar71xx/openwrt-ar71xx-mikrotik-vmlinux-lzma.elf root@192.168.1.1:/tmp scp bin/ar71xx/openwrt-ar71xx-mikrotik-DefaultNoWifi-rootfs.tar.gz root@192.168.1.1:/tmp
Flash kernel & rootfs
mv /tmp/openwrt-ar71xx-nand-vmlinux-lzma.elf /mnt/kernel/kernel
chmod +x /mnt/kernel/kernel
umount /mnt/kernel
cd /mnt/rootfs
tar -xvzf /tmp/openwrt-ar71xx-mikrotik-DefaultNoWifi-rootfs.tar.gz
cd /
umount /mnt/rootfs
sync
Reboot
Initial setup
LEDs
Check if the LEDs light up according to their desired functions (eg: under RouterOS). LED configuration is found in /etc/config/system. Depending on model, OpenWrt may have initialized the LEDs correctly. If not, the model specific wiki page should explain how to configure LEDs in /etc/config/system.
Understanding/configuring ports
By default, OpenWrt tries to set up wired/wireless interfaces so that there is one routed WAN interface which is typically the first wired ethernet port and the remaining wired ethernet port and wireless interfaces are bridged into a LAN. This setup is partially done under the hood and partially it shows up in /etc/config/network and can be seen via linux CLI commands, for example 'ifconfig -a':
br-lan this is the linux software bridge interface representing the 'lan'. It should by default have IP address 192.168.1.1. It is created by the 'config interface lan' section in /etc/config/network. The 'option ifname' lists one or more wired interfaces that are included in the bridge. The wireless interface(s) seem to be added to the bridge under the hood. Use 'brctl show' to list all interfaces bound to br-lan.
eth0, eth1,... are ethernet interfaces. They may each be attached directly to an ethernet port or to a switch. Use 'swconfig show' to see which ethernet is connected to a switch.
ethN.M is a VLAN on a switched ethernet.
Serial console
If you solder the UART pins on the board, you can enable the serial console, adding this line to /etc/inittab:
ttyS0::askfirst:/bin/ash --login
Disable silent-boot mode on RouterBOOT bootloader
Done
You are done now with common OpenWrt procedures for routerboards. Refer to more specific instructions for your individual routerboard, then proceed to first steps with OpenWrt if you do not know them yet:
Additional procedures
Compiling OpenWrt
If your model is not yet supported by trunk, you need to download compile and patch OpenWrt sources. Always check if the model specific wiki instructions could already be obsolete and the necessary patches have already been integrated before embarking into compilation.
Full instructions are at buildroot.exigence The following is a mostly a cheat sheet specifically for routerboards.
OpenWrt sources are available via two release management systems, svn and git. If the model specific instructions specified one, use that, otherwise use git (faster).
# Find/make some directory: mkdir mikrotik cd mikrotik # Get Barrier Breaker (14.07) git clone git://git.openwrt.org/14.07/openwrt.git # Alternatively, get trunk (latest build) git clone git://git.openwrt.org/openwrt.git # git created openwrt directory. All further compile commands # have to be entered from that directory cd openwrt # Patch the kernel as needed wget ... -O patchfile patch -u -p0 < patchfile # Set up compilation to build AR71XX images for routerboards as well as initramfs echo CONFIG_TARGET_ar71xx=y > .config echo CONFIG_TARGET_ar71xx_mikrotik=y >> .config echo CONFIG_TARGET_ROOTFS_INITRAMFS=y >> .config echo CONFIG_TARGET_INITRAMFS_COMPRESSION_NONE=y >> .config # make defconfig creates the rest of the config file. make defconfig # -j parallel compilation may cause problems, but usually it does not. # choose the number according to the number of your CPU cores make -j 6
Instead of creating .config manually (most easy), you can use the curses CLI (after patching)
make kernel_menuconfig
-> Target = AR7XXX
-> Subtarget = Mikrotik device with NAND flash
-> Target Images = ramdisk''
-> save, exit
# Normally you do not need this, but if there are specific kernel options required:
make kernel_menuconfig
# compile normally
make -j 6
It can be advantageous to explicitly use the kernel configuration used to build the images on openwrt.org:
- When comparing behavior between a stock kernel and your patched, self-compiled kernel, you minimize the chance that there are other unexpected changes between the two images beside your patch.
- Compiling with exactly the same config as the stock kernel allows you to change the stock kernel over to your self compiled kernel without changing the rest of the OpenWrt installation. To do that you need to install just the kernel and the /lib/modules directory from your compiled rootfs.
Example with 14.07:
git clone git://git.openwrt.org/14.07/openwrt.git cd openwrt # Optional, this is the commit from which stock kernels where built for 14.07. # there should be a better label for this in 14.07, but there is none. git reset --hard 14cb884013ff7034c7bdd19ba704b252095039ad # Use exactly the config as stock image: wget https://downloads.openwrt.org/barrier_breaker/14.07/ar71xx/mikrotik/config.ar71xx_mikrotik mv config.ar71xx_mikrotik .config # Patch as needed now .. # Compile make -j 6
After compilation, the images are in bin/ar71xx. Copy them to your tftp and http server location (including renaming) accordingly to tftp-boot/install them as explained before.
Warning: once you run “make”, it will copy files from the 'target' directory over to 'build_dir' directory including downloading additional software/patches. If you modify/patch files in 'target' after a 'make', those changes will not propagate into 'build_dir'. To experiment with different patches, you either need to modify files in build_dir directly, or run 'make clean' before every make run.
Сохранение файла с лицензией MikroTik RouterOS
It's a good idea to save your RouterOS license .key file (export your license) before starting an install of OpenWrt.
A simple method is to use the Mikrotik WinBox Windows application, as discussed at the top of this wiki. See http://wiki.mikrotik.com/wiki/Manual:License.
Otherwise, boot RouterOS and export the key to a file:
/system license output
Then list the files on your device to see which file the .key file was saved:
/file print
On a fresh install, the key file should be #1 (or #0 on a RB433UAH).
Copy contents, alternative 1: to open the editor with file #1, type:
/file edit 1 value-name=contents
Then copy-paste the text in a file on your computer. (this alternative only support text files)
Copy contents, alternative 2: later v5 versions of RouterOS supports uploading files via the fetch command. Example:
fetch address=192.168.0.200 src-path=RJ15-ERX5.key user=ftp mode=ftp password=ftp dst-path=/pub/write/RJ15-ERX5.key upload=yes
Copy contents, alternative 3: download files from web interface. Example
http://192.168.88.1/webfig/#Files
The differences between the obtained key file and a key exported with Winbox are that the SoftwareID line is not present in the latter, and there are no empty lines, so you should probably delete all the empty lines in your file prior to import it for a new installation; the SoftwareID line should not bother the installer (untested).
Сохранение образа MikroTik RouterOS
From TFTP booted OpenWrt:
cat /proc/mtd # the following expects that kernel is mtd1 and rootfs is mtd2 mkdir /mnt/kernel /mnt/rootfs mount -o ro /dev/mtdblock1 /mnt/kernel mount -o ro /dev/mtdblock2 /mnt/rootfs cd /mnt/kernel tar czf /tmp/mikrotik-kernel.tar.gz . cd /mnt/rootfs tar czf /tmp/mikrotik-rootfs.tar.gz . cd /tmp scp mikrotik* username@your-server:tmp
If you skipped this step but find you need to restore your prior version of RouterOS, you can use the Mikrotik NetInstall utility to re-install a fresh copy of RouterOS. Mikrotik does provide copies of RouterOS .npk files on their website, however you need to be sure to have saved your license key in order to use NetInstall (if NetInstall does not recognize your existing license).
Be sure to use Mikrotik WinBox to export your license key before installing OpenWrt.
Notes
Patchworks
Router model specific pages may refer to http://patchwork.openwrt.org/patch/4773/raw/ URLs. That patchwork server was decommissioned in 2014. See https://dev.openwrt.org/ticket/17785 and https://lists.openwrt.org/pipermail/openwrt-devel/2014-December/029786.html.
The new patch server is https://patchwork.ozlabs.org. Patch numbers for the old server seemingly can not be translated to the new patchwork server so they are not accessible anymore. In general, all patches from the old patchserver should have already been integrated into trunk.
Rumors
Some wiki pages claim that parallel compilation with -j N mail fail OpenWrt build. This seems not to be a problem for >= 14.07 and AR71XX builds as for RouterBoards, parallel compile seems to work fine.
Some wiki pages claim that you need to put paths into the OpenWrt build tree into your .bashrc so that compilation works correctly. This does not seem to be the case anymore. No problems encountered.
Links
Routerboard 2011 Switch Fix thread
A Detailed Example of Installing OpenWrt on a Mikrotik RB493G (V18 Style) Written by the author of many of the V18 upgrades to this wiki. Procedure should work on most RouterBoards with only a change to the selected initramfs and sysupgrade.bin file names.
Using Mikrotik NetInstall to Install RouterOS Covers the process of re-installing RouterOS after you have previously installed OpenWrt. You may need to have a copy of your RouterOS license .key file to do this (if NetInstall does not recognize your prior license)